bug-gnulib
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Portability of AF_UNIX connect() permission checks


From: Noah Misch
Subject: Portability of AF_UNIX connect() permission checks
Date: Mon, 3 Mar 2014 22:21:28 -0500
User-agent: Mutt/1.5.21 (2010-09-15)

POSIX specifies EACCES as a "may fail" condition for connect() on an AF_UNIX
socket; it is a "shall fail" condition for open().  I take this to mean that a
conforming connect() implementation could ignore directory search permissions
and/or the socket's own file mode.  Indeed, a couple of decades ago, some
systems did ignore the socket's own file mode:

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-1402

Do any porting targets of contemporary relevance still behave this way?  If
so, which OS versions are known affected?  I have attached a test program that
illustrates the exact behavior in question, which you can use to test your own
system if curious.

The most gnulib could do is to document this portability hazard, since nothing
outside the kernel could effectively eliminate it.  I ask here since the
gnulib documentation is one of my go-to sources for portability information.

Thanks,
nm

Attachment: sockperm.c
Description: Text document


reply via email to

[Prev in Thread] Current Thread [Next in Thread]